VYPR

apk package

chainguard/ruby3.2-sinatra

pkg:apk/chainguard/ruby3.2-sinatra

Vulnerabilities (1)

  • CVE-2024-21510MedNov 1, 2024
    affected < 4.1.0-r0fixed 4.1.0-r0

    Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host (XFH) header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbit